Month: May 2018

Windows 10 News You Can Use – May 2018


Windows 10 news you can use, May 2018 edition

Providing insights into Windows 10 deployment & management, security & compliance, and productivity

Also see other news related to Windows 10

Windows 10 April 2018 Update (version 1803) released!  More info at:

Deployment & Management

1)      Windows 10 Group Policy vs. Intune MDM Policy: who wins?

2)      If you’re an IT administrator managing Windows Server and Windows, you probably open dozens of consoles for day-to-day activities, such as Event Viewer, Device Manager, Disk Management, Task Manager, Server Manager – the list goes on and on. Windows Admin Center brings many of these consoles together in a modernized, simplified, integrated, and secure remote management experience.

3)      Forrester Study: Modernize Your Device Management Using The Cloud. Today’s computing infrastructure acquisition, deployment, management, and servicing methods pose challenges to large and small organizations alike. As employees increasingly rely on myriad devices and applications to do their jobs, IT professionals must find efficiencies in how they provision and support new devices and applications. Luckily, operating system (OS) solutions that are fully integrated with the cloud and designed to work across devices are emerging.

4)      With the upcoming release of Windows 10, version 1803, we are taking the next steps in our efforts to make kiosks even more capable – and easier – to deploy and configure.

5)      Announcing MSIX – bringing together the best of UWP and traditional MSI applications, including a partnership with Advanced Installer Express edition.

Security & Compliance

1)      Windows Hello and FIDO2 Security Keys enable secure and easy authentication for shared devices.

2)      Azure AD Conditional Access policies can now check device health as reported by Windows Defender Advanced Threat Protection.

3)      New capabilities of Windows Defender ATP further maximize the effectiveness and robustness of endpoint security. These include: automated investigation and remediation of threats, Microsoft 365 conditional access based on device risk, advanced hunting, signal sharing across the Intelligent Security Graph, and Windows Secure Score reports on devices’ security posture with actionable recommendations.

4)      With Windows 10 1803, we are implementing the first phase of Windows Defender System Guard runtime attestation, laying the groundwork for future innovation in this area. This includes developing new OS features to support efforts to move towards a future where violations of security promises are observable and effectively communicated in the event of a full system compromise, such as through a kernel-level exploit.  Runtime attestation can help in many scenarios, including: providing supplementary signals for endpoint detection and response (EDR) and antivirus vendors, detecting artifacts of kernel tampering/rootkits/exploits, protected game anti-cheat scenarios, sensitive transactions, conditional access.

5)      Windows Defender ATP will now be able to provide the machine-risk level to conditional access (powered by Microsoft Intune and Azure Active Directory) to block compromised devices from accessing corporate resources.

6)      Teaming up in the war against social engineering attacks like tech support scams with Windows 10.

7)      Nearly a year has passed since David das Neves wrote a comprehensive summary of PowerShell security. There are many security controls that need to be known and configured, but the problem for most admins is ‘Where to start and where to end?’ This article provides guidance on how to prioritize those security controls.

8)      We now have a published table of which Windows Defender Exploit Guard feature works with which edition of Windows 10 (Professional vs. Enterprise E3 vs. Enterprise E5).

9)      Dofoil is a sophisticated threat that attempted to install coin miner malware on hundreds of thousands of computers in March, 2018. In previous blog posts we detailed how behavior monitoring and machine learning in Windows Defender AV protected customers from a massive Dofoil outbreak that we traced back to a software update poisoning campaign several weeks prior. In this blog post, we will expound on Dofoil’s anti-debugging and anti-analysis tactics, and demonstrate how the rich detection libraries of Windows Defender Advanced Threat Protection and Windows Defender Exploit Guard can help during investigation.


Productivity

1)      Make the most of your time with the new Windows 10 update for April 2018. With Timeline, your Windows 10 PC lets you go back in time up to 30 days to find your stuff, whether you were working on it earlier today, last week, or a few weeks ago. With Focus Assist, you can get things done without distractions like social media or other notifications whenever you want, or set it to turn on automatically at certain times during the day when you want focused time. With Dictation, it’s now easier than ever to take a note or write a paper, with just your voice.

2)      Windows 10 Tip: Five expert tips to help you master ink in OneNote.

3)      Windows 10 Tip: 10 things you can do in Windows Mixed Reality right now.

4)      Windows 10 Tip: Five things you might not know that you can do right now with your Windows 10 PC.

5)      Windows 10 Tip: Five keyboard shortcuts you may not know about.

In other news related to Windows 10…
  • Your customers expect regular delivery of new capabilities, as well as support for existing applications. Find out how you compare to your peers—get The Case For Supporting Always Up-To-Date Operating Systems, a commissioned study conducted by Forrester Consulting, and discover the latest usage trends among software vendors like you. Reduce Complexity And Accelerate Your Application Release Cycle.  Register to download the white paper now to review recent findings about cloud-enabled OS adoption and usage trends among software vendors. Plus, learn five critical recommendations to consider as you evolve your application support and release strategy.
  • From an administration perspective, our vision for Microsoft 365 is to help simplify IT by unifying management across users, devices, apps and services. We are rolling out a new admin experience for Microsoft 365 enterprise customers. This will be a single place for admins to get started with Microsoft 365 and discover the breadth of management capabilities and experiences available to them across Office 365, Windows, and EMS, as well as Microsoft 365 Device Management. Integrated into this admin center are both the new Microsoft 365 Security & Compliance Center, dedicated to providing security and compliance specialists with integrated management capabilities across Office 365, Windows, and EMS, and Microsoft 365 Device Management. The Security and Compliance Center will be available shortly, with Device Management to follow afterwards. Please look forward to additional details.
  • Microsoft security announcements from the RSA 2018 conference.
    • Tapping the intelligent cloud to make security better and easier: Improving protection, Speeding up detection and response, Working across the industry, and The evolution of the intelligent edge.
    • By connecting security data and systems, we can gain an advantage over today’s adversaries. At Microsoft, our security products are powered by the Intelligent Security Graph, which synthesizes massive amounts of threat intelligence and security signals from across Microsoft products, services, and partners using advanced analytics to identify and mitigate cyberthreats. This week at the RSA conference, we announced the public preview of a Security API that empowers customers and partners to build on the Intelligent Security Graph. By connecting security solutions and integrating with existing workflows, alerts and contextual information from multiple solutions can be easily consolidated and correlated to inform threat detection, and actions can be taken to streamline incident response. The unified API will make these connections easier by providing a standard interface and uniform schema to integrate and correlate security alerts from multiple sources, enrich investigations with contextual data, and automate security operations for greater efficiency.